Backups, Firmware and Software - Cyber Security Informer

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

The My Book Live and My Book Live Duo devices received its final firmware update in 2015. “These products have been discontinued since 2014 and are no longer covered under our device software support lifecycle. . “In some cases, this compromise has led to a factory reset that appears to erase all data on the device.

Internet

Internet Internet Backups Small Business

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

eSecurity Planet

MARCH 17, 2025

Attack vectors and techniques Medusa actors leverage common ransomware tactics, including phishing campaigns and exploiting unpatched software vulnerabilities. Maintain offline backups: Store critical data backups offline to ensure recovery in case of an attack, preventing data loss and reducing downtime.

Ransomware

Ransomware Backups Firmware Insurance

Mercedes-Benz Head Unit security research report

SecureList

JANUARY 17, 2025

In our research, we used a combination of diagnostic tools: a certain hardware interface and a corresponding software application to communicate with the vehicle through the hardware device. Firmware The MMB runs on Linux, and its filesystems are located on the eMMC. Several outdated update files can still be found online. SMR-F and *.bin

Backups

Backups Architecture Firmware Software

Spectre and Meltdown Attacks Against Microprocessors

Schneier on Security

JANUARY 5, 2018

The second is that some of the patches require updating the computer's firmware. In November, Intel released a firmware update to fix a vulnerability in its Management Engine (ME): another flaw in its microprocessors. Some anti-virus software blocks the patch, or -- worse -- crashes the computer.

Firmware

Firmware Software Phishing Engineering

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Security Affairs

DECEMBER 17, 2020

Early this month, Evgueni Erchov, Director of IR & Cyber Threat Intelligence at Arete Incident Response, told ZDNet that multiple ransomware gangs are cold-calling victims if they don’t pay the ransom and attempt to restore from backups. Patch operating systems, software, firmware, and endpoints.

Ransomware

Ransomware Backups Firmware Accountability

Ranzy Locker Ransomware warning issued by FBI

CyberSecurity Insiders

OCTOBER 28, 2021

Ranzy Locker malware is also available for rent and so any threat actors having the intention to make quick money are seen distributing the newly developed file encrypting malware.

Ransomware

Ransomware Firmware Backups Encryption

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

Malwarebytes

MAY 8, 2023

While the statement does not reveal a lot of tangible information, this snippet is important: “MSI urges users to obtain firmware/BIOS updates only from its official website, and not to use files from sources other than the official website.” Among them are household names like Lenovo and HP. Prevent intrusions. Detect intrusions.

Firmware

Firmware Ransomware Backups Malware

Best Disaster Recovery Solutions for 2022

eSecurity Planet

JULY 8, 2022

“With a cyberattack, it’s more than just data that needs protecting—at risk is really the entire physical infrastructure from applications and operating systems down to low-level firmware and BIOS. This type of backup and DR technology offers RPOs measured in hours. See the Best Backup Solutions for Ransomware Protection.

Backups

Backups Ransomware Technology Marketing

NCSC warns of a surge in ransomware attacks on education institutions

Security Affairs

SEPTEMBER 20, 2020

” The NCSC also provided info about the initial infection vectors observed in the ransomware attacks: Insecure Remote Desktop Protocol (RDP) configurations Vulnerable Software or Hardware Phishing emails. backup servers, network shares, servers, auditing devices). backup servers, network shares, servers, auditing devices).

Education

Education Ransomware Antivirus Backups

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

Below are the recommended mitigations included in the alert: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware

Ransomware Firmware Antivirus Accountability

CISA and FBI issue alert about Zeppelin ransomware

Malwarebytes

AUGUST 16, 2022

But you should also realize that while it’s easy to say that you need reliable and easy to deploy backups for example, it’s not always easy to follow that advice. Maintain offline backups of data, and regularly maintain backup and restoration. Ensure all backup data is encrypted, immutable (i.e.,

Ransomware

Ransomware Backups Passwords Authentication

Threat profile: Ranzy Locker ransomware

Malwarebytes

OCTOBER 28, 2021

Find and delete shadow volume copies, and other recent backups, and disable the Windows recovery environment. Store regular backups of your data off-site and offline, where attackers can’t reach them. Install and regularly update anti-malware software on all hosts and enable real-time detection. Those extensions are .RNZ

Ransomware

Ransomware Backups Encryption Accountability

FBI warns of ransomware attacks targeting the food and agriculture sector

Security Affairs

SEPTEMBER 3, 2021

The good news is in the latter attack the victims restored its backups. The FBI provided the following mitigations to protect against ransomware attacks: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released.

Ransomware

Ransomware Backups Passwords Firmware

Data Deletion Methods: What’s Best for Sensitive Data?

eSecurity Planet

MARCH 18, 2022

Also read: Top GRC Tools & Software. Some sectors on the drive will be allocated to the firmware that manage the hard drive and communicate with the operating system. The magnetic drive firmware will not usually notify the operating system about reassigned bad sectors. Magnetic vs. Flash Drives. Magnetic Platter Hard Drives.

Firmware

Firmware Software Technology Ransomware

Topic-specific policy 7/11: backup

Notice Bored

OCTOBER 19, 2021

when I read the recommendation for a topic-specific policy on backup. If you already have a backup policy (or something with a vaguely similar title), I urge you to dig it out at this point and study it (again!) Is your backup policy exclusively about backing up computer data , most likely digital data from corporate IT systems?

Backups

Backups Risk Internet Internet

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. At the time of publishing this article, the Maze ransomware operators have released three screenshots as proof of the data breach.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

FBI issues advisory over Play ransomware

Malwarebytes

DECEMBER 19, 2023

Once inside a network, Play uses specialized tools to try and disable anti-virus software and remove log files. Screenshot of the PLAY leak site The joint CSA emphasizes the importance of having an actionable recovery plan, using multi-factor authentication (MFA) , and keeping all operating systems, software, and firmware up to date.

Ransomware

Ransomware Backups Encryption Firmware

Avoslocker ransomware gang targets US critical infrastructure

Security Affairs

MARCH 19, 2022

Implement network segmentation and maintain offline backups of data to ensure limited interruption to the organization. Regularly back up data, password protect backup copies offline. Install and regularly update antivirus software on all hosts, and enable real time detection. Do not give all users administrative privileges. ?

Ransomware

Ransomware DDOS Passwords Backups

How to Decrypt Ransomware Files – And What to Do When That Fails

eSecurity Planet

OCTOBER 18, 2022

The best defense and the best option for recovery will always be the availability of sufficient, isolated data backups and a practiced restoration process. However, even with the best planning, organizations can find a few users, machines, or systems that were overlooked or whose backup may be corrupted or encrypted.

Ransomware

Ransomware Encryption Insurance Backups

Data Deletion Methods: What’s Best for Sensitive Data?

eSecurity Planet

MARCH 18, 2022

Also read: Top GRC Tools & Software. Some sectors on the drive will be allocated to the firmware that manage the hard drive and communicate with the operating system. The magnetic drive firmware will not usually notify the operating system about reassigned bad sectors. Magnetic vs. Flash Drives. Magnetic Platter Hard Drives.

Firmware

Firmware Software Technology Ransomware

Triada strikes back

SecureList

APRIL 25, 2025

With time, the vulnerabilities were patched, and restrictions were added to the firmware. Attackers are leveraging this by embedding malicious software into Android device firmware. Attackers are now embedding a sophisticated multi-stage loader directly into device firmware. oat ) located in the same directory.

Cryptocurrency

Cryptocurrency Malware Firmware Accountability

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

Hot for Security

MARCH 17, 2021

“The cyber actors then exfiltrate files from the victim’s network, sometimes using the free opensource tool WinSCP5, and proceed to encrypt all connected Windows and/or Linux devices and data, rendering critical files, databases, virtual machines, backups, and applications inaccessible to users,” according to the advisory. and others.

Education

Education Healthcare Government Ransomware

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

eSecurity Planet

SEPTEMBER 9, 2024

These vulnerabilities represent significant dangers for end users and organizations — from the remote code execution vulnerabilities in Veeam Backup & Replication and Apache OFBiz to the severe access control issues in SonicWall and Google Android. The fix: Prevent these attacks by rapidly upgrading and patching all impacted software.

Firmware

Firmware Backups Firewall Risk

BlackCat Ransomware gang breached over 60 orgs worldwide

Security Affairs

APRIL 25, 2022

Regularly back up data, air gap, and password-protect backup copies offline. Require administrator credentials to install software. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Install and regularly update antivirus and anti-malware software on all hosts.

Ransomware

Ransomware Antivirus Passwords Malware

FBI published a flash alert on Mamba Ransomware attacks

Security Affairs

MARCH 26, 2021

“Mamba ransomware weaponizes DiskCryptor—an open source full disk encryption software— to restrict victim access by encrypting an entire drive, including the operating system. Require administrator credentials to install software. • Install updates/patch operating systems, software, and firmware as soon as they are released. •

Ransomware

Ransomware Encryption Passwords Malware

Warning issued about Vice Society ransomware targeting the education sector

Malwarebytes

SEPTEMBER 7, 2022

But you should also realize that while it’s easy to say that you need reliable and easy to deploy backups, for example, it’s not always easy to follow that advice. Maintain offline backups of data, and regularly maintain backup and restoration. Ensure all backup data is encrypted, immutable (i.e.,

Education

Education Ransomware Backups Passwords

Half of EDR Tools, Organizations Vulnerable to Clop Ransomware: Researchers

eSecurity Planet

JUNE 30, 2023

Cymulate ran 3,107 assessments across 340 organizations recently to see if security controls were adequate against the Clop (sometimes called “Cl0p” with a zero) ransomware group’s exploitation of a MOVEit software vulnerability ( CVE-2023-34362 ). Endpoint Security: Install and update antivirus software on all hosts.

Ransomware

Ransomware Backups Software Passwords

11 Key Steps of the Patch Management Process

eSecurity Planet

JUNE 23, 2023

Patch management is the continuous process of releasing and deploying software updates, most commonly done to solve security and functionality issues. Installing these patches and updates keeps your software and firmware secure, reliable, and up to date with the latest improvements.

Software

Software Backups Risk Firmware

How to Prevent Malware: 15 Best Practices for Malware Prevention

eSecurity Planet

OCTOBER 24, 2023

Look for Reliable Sources: Download software only from reputable sources and official websites. Avoid third-party platforms that might disguise malware as legitimate software. Utilize Ad Blockers: Shield yourself from potentially malicious ads by using ad-blocking software.

Malware

Malware Antivirus Software Passwords

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

SecureWorld News

OCTOBER 8, 2023

Use the 3-2-1 backup rule. Let devices go into sleep mode to allow for automatic software updates. Use the administrator account only for maintenance, software installation, or firmware updates. Attention should be paid to protecting routers and updating their firmware. Opt for strong, hard-to-crack passwords.

Firmware

Firmware IoT Accountability Passwords

Cloud Security: The Shared Responsibility Model

eSecurity Planet

OCTOBER 20, 2022

While cloud security offerings provide a wide spectrum of choices, there are three generalized situations to compare against on-premises data centers: infrastructure as a service (IaaS), platform as a service (PaaS), and software as a service (SaaS). This responsibility does not extend to software that customers install on cloud devices.

Backups

Backups Firewall Encryption Software

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

The Last Watchdog

APRIL 28, 2020

Firewall supplier Check Point Software Technologies has reported a massive surge in the registration of coronavirus-related domains, since Jan. Make sure you do everything possible to secure your mobile devices and that both the firmware and software are routinely updated. It’s already happening. Always remember. Never trust.

Social Engineering

Social Engineering Cyber Attacks Scams Ransomware

Top 12 Firewall Best Practices to Optimize Network Security

eSecurity Planet

DECEMBER 10, 2023

Automate Patches and Updates Ensure strong network security by automating regular updates of firewall firmware and installing security patches as soon as they become available. Create a systematic strategy for monitoring vendor releases and implementing hardware and software updates.

Firewall

Firewall Network Security Backups Education

The Biggest Lessons about Vulnerabilities at RSAC 2021

eSecurity Planet

MAY 28, 2021

This year’s featured vulnerabilities were: Testing Software Integrity. To kick off the session, SANS Fellow and Director Ed Skoudis touched on the software integrity conundrum. Software distribution prioritizes speed over trust, and the result is a sea of potential vulnerabilities. Excessive Access by Tokens.

Software

Software DNS Firmware VPN

Vulnerability Management Policy Template

eSecurity Planet

MAY 12, 2023

Vulnerability management relies on accurate lists of existing systems, software, connections, and security. Related systems, software, and processes should also be noted for the vulnerability. In some cases a mitigation may render a system unusable or cause cascading problems to other IT systems or software.

Penetration Testing

Penetration Testing Risk Firmware Software

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

Maintain known-good offline backups for faster recovery upon a disruptive attack, and conduct hashing and integrity checks on firmware and controller configuration files to ensure validity of those backups. Only use admin accounts when required for tasks, such as installing software updates.

Passwords

Passwords Backups Architecture Cyber Attacks

How (and Why) to Take Full Advantage of Apple’s New Advanced Data Protection Feature

Security Boulevard

DECEMBER 27, 2022

Apple has long been criticized, with good reason, over its iCloud service not providing E2EE (where the user has the decryption keys); for years, when enabled, for a good chunk of data iPhone syncs to iCloud, Apple held the decryption keys for some stored data, which included: Message backups. Device backups. Safari Bookmarks.

Encryption

Encryption Backups Software Accountability

Ransomware: March 2022 review

Malwarebytes

APRIL 11, 2022

Implement regular backups of all data to be stored as air-gapped, password-protected copies offline. Install and regularly update antivirus software on all hosts, and enable real-time detection. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Ransomware Mitigations.

Ransomware

Ransomware Technology Accountability Firmware

North Korean APT targets US healthcare sector with Maui ransomware

Malwarebytes

JULY 10, 2022

Thankfully, although Maui may be a little different from run-of-the-mill ransomware, the steps to protect against it are not: Maintain off-site, offline backups of data and test them regularly. Keep operating systems, applications, and firmware up to date. Require administrator credentials to install software.

Healthcare

Healthcare Ransomware Encryption Firmware

FBI warns of ransomware threat to food and agriculture

Malwarebytes

SEPTEMBER 3, 2021

The FBI notice includes the following recommendations: Regularly back up data, air gap, and password protect backup copies offline. Install updates/patch operating systems, software, and firmware as soon as they are released. Require administrator credentials to install software. Implement network segmentation.

Ransomware

Ransomware Manufacturing Passwords Internet

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Security Affairs

FEBRUARY 14, 2022

The advisory also provides mitigations: Implement regular backups of all data to be stored as air gapped, password protected copies offline. Install and regularly update antivirus software on all hosts, and enable real time detection.

Ransomware

Ransomware Accountability Firmware Antivirus

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

eSecurity Planet

FEBRUARY 15, 2022

The agencies offered some sound cybersecurity advice for BlackByte that applies pretty generally: Conduct regular backups and store them as air-gapped, password-protected copies offline. Update and patch operating systems, software, and firmware as soon as updates and patches are released. A Top Priority for Security Teams.

Ransomware

Ransomware Encryption Backups Accountability

Bad Luck: BlackCat Ransomware Bulletin

Security Boulevard

MAY 9, 2022

The ransomware targets virtual machines and snapshots, looking to escape containers, encrypt any possible persistence, and wipe out backups that weren’t carefully archived. Regularly back up data, air gap, and password protect backup copies offline. Require administrator credentials to install software.

Ransomware

Ransomware Antivirus Backups Passwords

Ransomware: February 2022 review

Malwarebytes

MARCH 10, 2022

Implement regular backups of all data to be stored as air-gapped, password-protected copies offline. Install and regularly update antivirus software on all hosts, and enable real-time detection. Install updates/patch operating systems, software, and firmware as soon as updates/patches are released. Mitigations.

Ransomware

Ransomware Phishing Technology Accountability

MyBook Users Urged to Unplug Devices from Internet

Medusa Ransomware Warning: CISA and FBI Issue Urgent Advisory

Trending Sources

Mercedes-Benz Head Unit security research report

Spectre and Meltdown Attacks Against Microprocessors

DoppelPaymer ransomware gang now cold-calling victims, FBI warns

Ranzy Locker Ransomware warning issued by FBI

Ransomware attack on MSI led to compromised Intel Boot Guard private keys

Best Disaster Recovery Solutions for 2022

NCSC warns of a surge in ransomware attacks on education institutions

Ranzy Locker ransomware hit tens of US companies in 2021

CISA and FBI issue alert about Zeppelin ransomware

Threat profile: Ranzy Locker ransomware

FBI warns of ransomware attacks targeting the food and agriculture sector

Data Deletion Methods: What’s Best for Sensitive Data?

Topic-specific policy 7/11: backup

Maze ransomware operators claim to have breached LG Electronics

FBI issues advisory over Play ransomware

Avoslocker ransomware gang targets US critical infrastructure

How to Decrypt Ransomware Files – And What to Do When That Fails

Data Deletion Methods: What’s Best for Sensitive Data?

Triada strikes back

PYSA Ransomware Attacks Targeting Healthcare, Education and Government Institutions, FBI Warns

Vulnerability Recap 9/9/24 – Exploited Vulnerabilities Persist

BlackCat Ransomware gang breached over 60 orgs worldwide

FBI published a flash alert on Mamba Ransomware attacks

Warning issued about Vice Society ransomware targeting the education sector

Half of EDR Tools, Organizations Vulnerable to Clop Ransomware: Researchers

11 Key Steps of the Patch Management Process

How to Prevent Malware: 15 Best Practices for Malware Prevention

Beyond the Office: Securing Home Devices and Networks Against Corporate Breaches

Cloud Security: The Shared Responsibility Model

MY TAKE: Why COVID-19 ‘digital distancing’ is every bit as vital as ‘social distancing’

Top 12 Firewall Best Practices to Optimize Network Security

The Biggest Lessons about Vulnerabilities at RSAC 2021

Vulnerability Management Policy Template

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

How (and Why) to Take Full Advantage of Apple’s New Advanced Data Protection Feature

Ransomware: March 2022 review

North Korean APT targets US healthcare sector with Maui ransomware

FBI warns of ransomware threat to food and agriculture

BlackByte ransomware breached at least 3 US critical infrastructure organizations

Feds Warn About Critical Infrastructure Ransomware Attacks, Vulnerabilities

Bad Luck: BlackCat Ransomware Bulletin

Ransomware: February 2022 review

Stay Connected